WHAT IS A DSAR?
A DSAR is a Data Subject Access Request. DSARs give data subjects the ability to ask businesses what information they have on them.
If a company receives a DSAR, they should respond to that request and abide by privacy regulations associated to the data subject, such as CCPA and GDPR.
Documentation of activities specific to each request is important to prove compliance to regulations and mandated response times.
RELEVANT LEGAL DOCUMENTS
In recent years, states have begun to tighten the legal requirements surrounding DSAR requests. California, New York, Nevada, Florida, and other states have drafted or passed legislation requiring companies to adhere to strict requirements.
In California, the California Consumer Protection Act (CCPA) imposes penalties of up to $7,500 for each violation brought by the CA Attorney General. According to research, 58% of companies could not meet GDPR’s requirement of addressing data requests within a one-month timeframe. Businesses with customers in states with timeline requirements need a solution to manage Data Subject Access Requests quickly and efficiently.